According to a recent RSM report, a critical issue midmarket companies face when selecting an IT services company is determining which company they can trust. As your IT partner, we take our responsibility seriously, and the following are 4 reasons you can depend on us.
1. We are SSAE 18 SOC 2 certified each year
Service organizations like IT outsourcing companies use Statement on Standards for Attestation Engagements 18 (SSAE 18), a set of standards for privacy and security controls, to identify and manage security risks involved in handling customer data. To prove their compliance with these standards, they hire a CPA to audit and report on their controls using a framework called System and Organization Controls 2 (SOC 2). A satisfactory audit allows companies to earn a SSAE 18 SOC 2 certification. This regular certification not only proves the company’s controls are strong, but also that they are willing and able to invest in maintaining their certification well as keep current with rapidly changing technology and threats. Xantrion has been SSAE 18 SOC 2 certified for the last eight years.
2. We perform all IT services in-house
Xantrion doesn’t outsource any of its services. We have a large enough team to handle all aspects of technical support, from a 24×7 helpdesk to a virtual Chief Information Security Officer (vCISO) and everything in between, including a 24×7 Network and Security Operations Center (NOC/SOC). In addition, our cybersecurity expertise is some of the best in the business – we are one of the top 200 Managed Service Security Providers (MSSPs) in the United States.
3. We undergo an in-depth, third-party penetration test each year
A penetration test identifies how a cybercriminal might get into a company’s network and systems in order to steal data and compromise operations. Be sure to work with an IT service provider that not only performs an annual penetration test to proactively identify and remedy vulnerabilities in their systems that could leave your network and systems open to attack, but also invests in a thorough test performed by a reputable, third-party.
Many penetration testers will charge a few thousand dollars to perform automated scans of the outside of a computer network and report which areas are vulnerable to attack. While this information is necessary, it doesn’t go far enough in identifying network vulnerabilities. An in-depth test is performed by a human being who emulates cyberattackers by trying multiple methods of getting into your systems from inside as well as outside of your network. Click here to learn more about penetration testing.
4. We provide a cybersecurity guarantee
We are confident in our cybersecurity programs, so if you experience a ransomware attack or other breach that requires our response, we will restore compromised systems and data at no extra charge.